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-« < CAx<CA ( 

CA X - CAj and -« £ X < 156 

CA X - CAi and J 56 sx < 343 

CA X - CA, and 343 < X < 344 

CA* = CA, and 344 £ X < 00 

CA, <CA X <CA 2 

CA X - CA : and -00 s X < 00 



Then: Unknot CA (revocation status unknown) 
Then; X is revoked if and only if X « JT^ 
Then: X is revoked if and only if X - 156 
Then: X is revoked if and only if X =■ 343. 
]? cn: x is revoked if and onlv if X » 344* 
Then: Unknown CA (revocation status unknot) 
Then: X is revoked if and only if X = -00. 
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If: CA ; <CAx<CAj Then: Unknown CA (revocation starus unknown). 

If: CA X - CAj and -co £ X < 987 Then: X is revoked if and only if X = 

If: CA x -CA,ond987*X<op Then: X is revoked if uxl only if X = 987. 

If; CA 3 < CAx < co Then: Unknown CA (revocation status unknown). 

Note that for any CAx and X there is a single appropriate statement above which provides 
all known information about whether X is revoked. Furthermore, no statement can 
accidentally be applied to an inappropriate certificate. 

The CRT issuer now builds a set of data structures which express the statements above. 
Note that only two basic types of data structures are required: those which specify a range 
of unknown CAs and those which specify a range of certificates in which the lower 
endpoint is revoked and all larger certificates in the range are valid. 

The C A then builds a binary hash tree with hashes of the data structures as leaves. For the 
example above, there would be eleven leaf nodes (No..N 0t ]o), where N 0 j is the secure hash 
of the structure expressing the i+i* statement above. 




Wherever two arrows converge on a single node (such as N;,o is produced from N w and 
N u ), the right-hand node is computed as the secure hash of the left-hand two nodes with 
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the upper node hashed first. For example, Ni,o would equal H(N 1>2 1 Nu), where T 
denotes concatenation. A nodes with a single arrow is equal to the node to its left (i.e., 
N.x,, - N u ). Note that the root node (N« )0 ) is a function of all leaf nodes (i%..N 0 ,io). ' 
After producing the entire tree, the issuer digitally signs the root node along' with 
supporting information (like the date and time of the tree issuance). 

Confirmation Issuance and Verification 



To determine the revocation status of a certificate, the verifier needs the appropriate 
statement and proof that the statement is correct. The role of a confirmation issuers is to 
provide a verifier these two components. 

Expressing the statement is easy; that's just the appropriate leaf data structure. To assure 
the statement's validity, the verifier needs cryptographic proof that the leaf representative 
of the revocation status of the certificate is a the leaf in a properly signed tree This 
assurance consists of the signed root node and a set of intermediate nodes which 
cryptographically bind the appropriate leaf node to the root node. 

For example, for certificate 600 from CA», the appropriate statement is: 

If: CA X = CA, and 344 i X < co Then: X is revoked if and only if X = 344. 

The verifier can hash this statement structure to get N 0 , s . The supporting nodes in this 
example are N 0A N u . N i9 . and N 3>1 . The verifier can now use the secure hash function H 
to compute. 

N|,; - H(No.4 1 Noj) 
Na.i-H(N,.2|>f u ) 
N 3 , = HfNio | Ni,) 
JnV 0 = H(N3.o|N 3>1 ) 

Finally, the verifier can check that N4.0 was properly signed by the trusted tree issuer with 
me correct date, etc. If the original statement structure was tampered with or if any of the 
intermediate hashes were changed, the verifier will get a different value for N< 0 than was 
N*,,, signed by the tree issuer. 

Advantages of a CRT based system 

A CRT based approach has many advantages, notably: 

• Verification does not require knowledge of entire CRLs. 

• GIL caching and other optimizations are not required. 
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• Certificate holders can efficiently confirmations of their own certificates so that 
verifiers do not need to moke any additional network connections. 

• The system works with existing certificates, CRLs, etc. 

• The size of the supporting hashes is approximately 201og2(N), where N is the 
number of revoked certificates. The system works efficiently even if N is in the 
billions or trillions. 

• One tree with one signed root can provide proofs for all certificates in a chain, 
so only one public key operation can verify multiple certificates. 

• The system supports CA revocation. 

• All supporting information found in CRLs can be included including the 
revocation date/time, reason for revocation, etc. 
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Certium Application Toolkif™ 

The Cert urn application toolkit is a developer's toolkit that provides end user 
applications such as Web browsers and electronic mail clients with die ability 
to check the validity of digital certificates in real-time. The toolkit 
implements the verifier component of a certificate validity management 
system based on Certificate Revocation Trees. A typical verifier consists of 
functionality for the creation of certificate confirmation requests, the validation of 
certificate confirmation response, and the location of the nearest confirmation issuer. 

The toolkit includes C source code, developers' documentation and consulting 
assistance from Integris to complete the integration work. 



Highlights 



Designed to work with both the Integris operated Certium Service and any 
Certificate Server or Certificate Management System that incorporates the 
Certjum Server. 

Non-repudiable certificate status proof may be obtained by certificate 
holder, recipient or third-party. 

A transparent solution, end user typically unaware of validation. 

Thread-safe implementation, available on both Windows and UNDC 

Cryptographic code bases supported include Tipem/BSAEE and SSLEay, 
Crypto API 20 planned for 4Q 1996 release. 

Implementation based on open standards: PKCS-7, RSA SHA-L X-509 
ASN.l, HTTP. 

Toolkit license includes both development and redistribution nghts. 
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1. Background 

Under the X.509 directory infrastructure, certificate Revocation Lists (CRLs) are issued 
by Certificate Authorities (CAs) to revoke certificates. Because revoked certificates 
cannot be trusted, it is essential that systems using certificates include secure mechanisms 
to verity revocation status. Without such verification, a few compromised certificates 
could be used for wide-scale fraud. There will soon be millions of certificates accepted by 
protocols such as SSL and S/MTME and some fraction of these will need to be revoked. 

Protocols should be optimized for the case where certificates are not revoked, since in 
practice revoked certificates will only be encountered in extraordinary circumstances (i.e., 
cases of attempted fraud). CKLs are extremely inefficient, since verification of a 
certificate's status requires the entire CRL. As a result, CRLs will become unacceptably 
large in large-scale systems involving millions of certificates. Furthermore, if certificate 
chaining and attribute certificates are used, users must obtain separate CRLs from each 
CA in the chain and every attribute certificate issuer. If CRLs are used for revocation, 
systems must be able to get CRLs from every CA. (This problem can be alleviated 
somewhat by designating CRL repositories, but these systems would consume an 
enormous amount of network bandwidth.) Complete new CRLs must be downloaded 
regularly since users cannot reliably determine whether a given certificate is valid without 
the complete CRL. Network traffic dedicated to CRL distribution could potentially exceed 
all other traffic combined, especially if CRLs are updated frequently. 

While a variety of measures, such use of only very short-term certificates, can alleviate the 
situation somewhat, certificate validation trees ehminate the major problems associated 
with CRLs without sacrificing security. This document defines structures for certificate 
revocation trees. 

2. System Overview 

Certificate Validation Trees (CVT) trees provide an efficient way for certificate acceptors 
to determine whether certificates have been revoked and allow certificate holders to 
demonstrate that their own certificates have not been revoked. Trees are computed m 
advance by a "semi-trusted" party (such as Integris Security or a CA), which processes the 
data from one or more CRLs into tree form. The issuer is described as "semi-trusted," 
since the operation of the tree issuer is publicly auditable. Any independent party can 
verify that the tree issuer has not inappropriately revoked valid certificates or omitted 
revoked certificates from the tree. The tree's root node is then digitally signed. 

To prove that one or more certificates have not been revoked, the tree leaves spanning the 
certificates in question are required, along with the supporting hashes binding the leaves to 
the tree's root and the digitally-signed root. 
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Certificate validation involves four kinds of entities: CAs, CVT issuers, confirmation 
issuers, and verifiers. The CAs are responsible for issuing certificates and issuing CRJU. A 
CVT issuer collects and verifies CRLs from one or more CAs then constructs a digitally- 
signed, dated certificate validation tree. The signed tree structure is then provided to 
confirmation issuers, which respond to users' requests for revocation information 
regarding specific certificates. 

This document defines formats for the confirmation request, confirmation response, and 
CVT. 



3. Data Formats 

A Confirmation Request is passed from a verifier to a confirmation issuer and identifies 
one or more certificates whose revocation status is to be determined. 

ConfirmationRequest SEQUENCE { 

version Version DEFAULT vl, 

application!!) INTEGER, 

hash Algoritbmldentifier, 

requestList SEQUENCE OF Request, 

requestExtensions Extensions OPTIONAL } 

Request SEQUENCE { 

issuerNameAndKeyHash Hash, 
serialNurober CertificateSerialNumber } 

IssuerNameAndKey SEQUENCE { 

issuer Name, 

issuerPublicKey OCTET STRING } -Use what format!!!?- 

The issuerNameAndKeyHash is computed by hashing an IssuerNameAndKey field 
constructed for the CA in question using a cryptographic hash function (i.e., SHA-1). 

The confirmation issuer responds with a ConfirmationResponse structure; 

CoufirmationResponse ;:= SEQUENCE { 

resultStatus ResultStatus, 
certificateConfinnations SEQUENCE OF 

CertificateConfirmations, 
fonvardinglnfo [1] Forwardinglnfo OPTIONAL 

- Should makeforwarctinglnfo an extension? !!! « 

- NEED TO ADD [OPTIONAL] EXTENSIONS HERE- 
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ResultStatus 

successful 

someCertsUnknown 

matfbnnedRequest 

requestorUnaothorized 

internalError 

serverHasNoTree 

noGIobalTree 

} 

Forwardinglnfo 

siteNameList 

CertificateConflrmations 
treeHeader 
version 

minVersionToRead 

signature 

issuer 

thisUpdate 

nextUpdate 

validUntil 

hash 

totalLeafCount 
rootHash 
crtExtensions 
treeLeafAndPath 



ENUMERATED { 

( 0 ), ^Response has valid confirmations' 

( 1 )» -When is this returned?— 

( 2 ) , -Illegal confirmation request- 

( 3 ) , -User not authorized to u$e issuer™ 
( 4 ), -Internal error in issuer- 

( 5 )> -Issuer tree missing or out of date- 

( 6 ) -Request requires a global tree— 



SEQUENCE { 
SEQUENCE OF OCTET STRING } 

SEQUENCE { 
SIGNED { SEQUENCE { 
Version DEFAULT vl, 
Version DEFAULT vl, 
Algorithroldentifier* 
GeneralNames, 
GeneralizedTime, 
GeneralizedTime, 
GeneralizedTime, 
Algoritbmldentifier, 
LeafConnt* 
Hash, 

Extensions OPTIONAL }}, 
SEQUENCE SIZE (L JtfAX) OF 
TreeLeafAndPath } 



Version 

TreeSerialNumber 

LeafCount 

Hash 



TreeLeafAndPath 
treeLeaf 
leafPath 



INTEGER {vl(0)} 
::- INTEGER 

INTEGER (L.MAX) 

OCTET STRING 

Length must equal hash size 

::~ SEQUENCE { 
TreeLeaf, 

SEQUENCE OF Hash } 



— TreeLeaf must be DER encoded — 
TreeLeaf SEQUENCE { 

leafPosition LeafPosition, 
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LcafData } 
CHOICE { 

[0] UnknownCARange, 
[1] LeafRange } 

SEQUENCE { 

Hash, 

Hash} 



leafData 

LeafData »° 
unknownCA_Range 

leafRange 

UnknownCARangc 

issuerPublicKeyHashl 
issuerPubIicKeyHash2 

LeafRange :: = 
issuerPublicKeyHash 

thisCrlUpdate 

nextCriUpdate 

validUntil 

revocationDate 

rangeMinStatus 

rangeStatus 

rangeMiairnum 

rangeMaximum 

teafExtensions 

LeafPosition ::= 

RevocationStatus ::= 
revokedReasonUnspecified 
keyCompromise 
cACompromise 
affiliationChanged 
superseded 
cessationOfOperation 
certilicateHold 
expiredNormally 
noAcceptableCRL 
unsupportedRange 
unknownStatusOkay 
validCertificate 

CertSerialNumber INTEGER 



SEQUENCE { 

[0] Hash OPTIONAL, 

[1] GeneralizedTime OPTIONAL, 

[2] GeneralizedTime OPTIONAL, 

[3] GeneralizedTime OPTIONAL, 

[4] GeneralizedTime OPTIONAL, 

RevocationStatus, 

RevocationStatus, 
[5] CertSerialNumber OPTIONAL, 
[6] CertSerialNumber OPTIONAL, 
[7] Extensions OPTIONAL } 



INTEGER 

ENUMERATED { 
(0)> 

<n 

(3) , 

(4) , 

(5) , 
<6)> 

(7) . 

(8) . 

(32) , 

(33) , 
(64)} 



The treeHeader is digitally signed by the tree issuer and specifies the version of the current 
certificate validation tree, the oldest version with which the structure is backward- 
compatible, the tree serial number, the algorithm used to sign the header, the tree issuer's 
public key (hashed), the time of die tree's issuance, optionally the time of the next tree's 
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issuance, optionally the time when the tree expires, the secure hash function used to 
construct the tree, the total number ofleaves present in the tree, and finally the tree S root 
hash The tree serial number values should be assigned sequentially by the tree issuer, 
beginning with zero The tree issuer can either be a trusted third party entity (i.e., Integris 
Security) or the CA who originally issued the revoked certificates in the tree. 



4. Verifying confirmations 

/'!!! This section has not been polished yet] 

Ever>' TreeLeaf AndPatb is a cryptographic assertion from the revocation tree issuer that 
no known revoked certificates exist within some range. Either the certificate in question is 
not kno wn to be revoked, is revoked, is from a revoked CA, or is from a CA for which no 
CRL is present in the tree. (The third result is important, since applications might accept 
certificates from CAs whose CRLs are not in the tree, but no application should accept 
revoked certificates.) 

To determine a certificate's status given a treeHeader and treeLeafandPath, do the 
following: 

1. Check version and signature algorithm in treeHeader. 

2. Verify that the issuer Name in the treeHeader corresponds to a trusted party or 
the CA who issued the certificate in question. If the name is unrecognized, the 
confirmation is invalid. 

3 . Check that the tree is acceptably recent by checking the header validUntil field. 
(See step 9 for checking of the leafs time fields.) 

4. Check thai the Hash algorithm is acceptable (i.e., SHA). 

5. Verify the signature on the treeHeader using the public key corresponding to 
the issuer's name. 

6. Verify that leafPosition < totatt-eafCount 

7. Using the leafPosition, verify that the leafPath binds the hash of the leaf to the 
rootHash in the signed treeHeader. 

8. If the LeafData is of type UnknownCAJRange, verify that the hash of the CA's 
public key lies between issuerPublicKeyHashl and issucrPublicKeyHash2. If 
so, the CA is not in the tree. If not, the leaf is inappropriate. 

9. IftheLeafDateisoftypeLeafRange: 

• Verify that the issuerPublicKeyHash matches the hash of the CA's 
public key. (If issuerPublicKeyHash is omitted, it is identical to the tree 
issuer.) If the CA does not match, the leaf is inappropriate. 

• If present, verify that thisCrlUpdate, nextCrlUpdate, and validUntil are 
acceptable. 

• Verify that rangeMinimum, if present, is smaller than or equal to the 
serial number of the certificate in question. Also verify that 
rangeMaximum, if present, is larger than the serial number of the 
certificate in question. 
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• Check the RevocationStaws field. If 32 S RevooatioflStatus < 64, the 
certificate's status is unknown. The value 32 corresponds to an 
unknown range (i.e., absolutely no revocation infonnation is available). 
The value 33 Indicates that no current revocation information is present 
for this range, but this is normal so applications may decide to accept 
certificates io the range. 

• If 64 5 RevocationStatus < 96 or if certificateSerialNumber * 

rangeMinimum, the certificate is valid. Otherwise the certificate is 

revoked for the reason specified in RevocationStatus. 

The issuerPublicKeyHasb values are computed as the hash of the DER-encoded public 
key of the CA. The time in thfaCriUpdate and optionally nextCrlUpdate in the 
LeafRange structure equal thisUpdate and nextTJpdate from the CRL from the specified 
C A which is used in the tree. 

The recipient of a treeLeafAndPath can use the leafPath to verify that each treeLeaf is 
cryptographically bound to the root: 

Let maxDepth = f log 2 (tctaILeafCount)l - M rounds up if not an integer. « 
Let y - leafPosition. 

Let i = 0. 

bash[0] = HASHED { treeLeaf } 
For x » 0 upto maxDepth-1 

Let y 9 - (y © 2 X ) - ((y © 2 X ) mod 2 X ). 

if y* < y then 

hash[i+l] = HASHED { hash[x] | leafPath [x-i] } 
else if y 1 < totalLcafCount then 

hash[x+l] = HASHED { IeafPatb[x-i] | hash[x] }. 

else 
EndFor. 

Assert (hash[maxDepth] = rootHash), 

The operation of the revocation tree issuer can be verified easily, since anyone can verify 
that 

1) all known revoked certificates and CAs should be contained in the tree, and 

2) only known revoked certificates and CAs are contained in the tree. 

A tree can include revocations for multiple CAs so that a single CertificateConfirmations 
structure can provide assurances for all certificates in a chain. The tree can even include 
revoked non-X509 certificates (in which case the structure of TreeLeaf might change). 

CertificateConfirroations messages are quite small; even if the tree includes many millions 
of revoked certificates. For example, each leafPath from a tree with a billion leaves using a 
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hash size of 20 bytes would require about 600 bytes. A simgle asymmetric signature 

verification can provide assurances for all certificates in the chain. 

Tree construction can be performed in linear time. Using the tree and signed root, 
confirmations can be constructed very efficiently using only insecure hardware. 



5. ASN.1 Module 

CertRevocationTreesDefinitions { joint-iso-ccitt (2) country (16) us (840) 

organization (1) integris (-TBD!!!-) modules (1) 
CertRevocationTreesDefinitions (1) } 
DEFINITIONS IMPLICIT TAGS 
BEGIN 

~ IZXPORTS all definitions, in particular: 
~ CertificateConfirmations, 

- Message syntax to communicate certificate confirmations - 

CohflrmationRequest 

- - Message syntax to request certificate confirmations — 

IMPORTS 

Algorithmldentifier, SIGNED, Extensions 

FROM AothenticationFr&inework {joint-iso-ccitt ds(S) 
module(l) authenticationFraroework(7) 2} 

- Note definition of Extensions requires application of 

- Technical Corrigendum J - 
GeneralNames 

FROM CertificateExtensions {joint-iso-ccitt ds(5) 
module(l) certificateExtensions(26) 0} ; 

- Message syntax to request certificate confirmations — 

ConfirmationRequest ::= SEQUENCE { 

version Version DEFAULT vl, 

application© INTEGER, 

hash Algorithmldentifier, 

requestList SEQUENCE OF Request* 

requestExtensions Extensions OPTIONAL } 



Request SEQUENCE { 

issuerNameAndKeyHasb Hash, 
serialNumber CertSerialNumber } 
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— Message syntax to communicate certificate confirmations — 

ConfirmationResponse SEQUENCE { 

resultStatus ResultStatus, 
certificateConfinnations SEQUENCE OF 

CertificateConfirraatioiis, 
forwardinglnfo [1] Forwardinglnfo OPTIONAL 



ResultStatus :;= ENUMERATED { 

successful ( 0 ), 

someCertsUnknown ( 1 ), 

malformedRequest ( 2 ), 

requestorUnauthorized ( 3 )» 

intern alError ( 4 ), 

serverHasNoTree ( 5 ) t 

noGlobalTree ( 6 ) } 



Forwardinglnfo 

siteNameList 

CertificateConfinnations 
treeHeader 
version 

minVersionToRead 

signature 

issuer 

thisUpdate 

nextUpdate 

validUntil 

hash 

totalLeafCount 
rootHash 
crtExteusions 
treeLeafAndPath 



Version 

TreeSerialNuxnber 

LeafCount 

Hash 



SEQUENCE { 
SEQUENCE OF OCTET STRING } 

SEQUENCE { 
SIGNED { SEQUENCE { 
Version DEFAULT vl, 
Version DEFAULT vl, 
Algorithmldentifier, 
GeneralNaines, 
Genera UzedTime, 
GeneralizedTune, 
GeneraliztdTime, 
Algorithmldentifier, 
LeafCount, 
Hash, 

Extensions OPTIONAL }}♦ 
SEQUENCE SIZE (L.MAX) OF 
TreeLeafAndPatb } 



:« INTEGER { vl(0) } 

INTEGER 

:« INTEGER (L.MAX) 

:« OCTET STRING 

- Length must equal hash size ■ 
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TreeLeafAndPath 
treeLeaf 

leafFatb 



SEQUENCE { 
TreeLeaf, 

SEQUENCE OF Hash} 



- TreeLeaf must be DER encoded - 

TreeLeaf SEQUENCE { 



leafPosition 
leafData 

LeafData ;:■ 
unknownCAJRange 
leafRange 

UnknownCARange 

issuerPublicKeyHashl 
issuerPublicKeyHash2 

LeafRange ; 
issuerPublicKeyHash 
thisGrlUpdate 

nextCriUpdate 

validUntil 

revocationDate 

rangeMinStatus 

rangeStatus 

rangeMinimmn 

rangeMaximum 

leafExtensions 



LeafPosition, 
LeafData } 

CHOICE { 

[0] UnknownCARange, 
[1] LeafRange } 

SEQUENCE { 
Hash, 
Hash} 

= SEQUENCE { 



LeafPosition 

RevocationStatus ; ; 

unspecified 
keyCompromise 
cACompromise 
afTiliationChanged 
superseded 
cessationOfOperation 
certiflcateHold 
expiredNonnally 
noAcceptableCRL 
unsupportedRange 
unksownStatusOkay 
validCertificate 



[0] 
[1] 
[2] 
P] 
[4] 



[5] 

M 

I?] 



Hash OPTIONAL, 
GeneralizedTime OPTIONAL, 
GeneralizedTime OPTIONAL, 
GeneralizedTime OPTIONAL, 
GeneralizedTime OPTIONAL, 
RevocationStatus, 
RevocationStatus, 
CertSerialNumber OPTIONAL, 
CertSerialNumber OPTIONAL, 
Extensions OPTIONAL } 



INTEGER 

;:= ENUMERATED { 
(0), 

(2) , 

(3) , 

(4) , 

(5) , 

(6) , 

(7) , 

(8) , 

(32) , 

(33) , 
(64) } 
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CertSerialNumber ::- INTEGER 
END 
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